[9442] in bugtraq
Sendmail 8.9.3
daemon@ATHENA.MIT.EDU (Patrick Oonk)
Tue Feb 9 16:40:15 1999
Date: Tue, 9 Feb 1999 17:55:16 +0100
Reply-To: Patrick Oonk <patrick@PINE.NL>
From: Patrick Oonk <patrick@PINE.NL>
To: BUGTRAQ@NETSPACE.ORG
Hi all,
Sendmail 8.9.3 has been silently released a few days ago.
It can be found at www.sendmail.org
8.9.3/8.9.3 99/02/04
SECURITY: Limit message headers to a maximum of 32K bytes (total
of all headers in a single message) to prevent a denial of
service attack. This limit will be configurable in 8.10.
Problem noted by Michal Zalewski of the "Internet for Schools" project (IdS).
Patrick
--
: Patrick Oonk - http://patrick.mypage.org/ - patrick@pine.nl :
: Pine Internet B.V. Consultancy, installatie en beheer :
: Tel: +31-70-3111010 - Fax: +31-70-3111011 - http://www.pine.nl/ :
: -- Pine Security Digest - http://security.pine.nl/ (Dutch) ---- :
: "unix is voor types zonder sociaal leven..." - Patrick van Eijk :
